wesayso.net
We know what you want. We know what you need. We know where you live.

We
have said so

First Published 3-11-2009This
document describes a basic scheme to provide several secure encrypted
web hosts on a Linux system with only one IP address and each
host having it's own domain name and certificate.

So
you want
to have several secure virtual hosts but have been told that
you can't do it without assigning an IP address to each one.

You're in the right place.

Tell me I can't do something, I dare you. :)

This
took a lot of time in testing and getting it to work in
Firefox
and IE7. If you use this scheme you owe me a bottle of tequila. I
should tell you, I drive a bright red truck, state licensed 666MTB
(Marks The Beast) so pay up, or I'll get you! :)

You can't use name based virtual hosting for secure hosts because the
certs won't work right, so you have to use IP based virtual hosts, but
each has to have it's own IP address right,,, wrong, only one can be on
port 443 but you can have as many as you want on different ports all on
the same IP address.

Using one IP address and mod-rewrite for apache2 you can set up
example.com and www.example.com to point to:
https://www.example.com:56001/

And...

example2.com and www.example2.com to
point to:
https://www.example2.com:56002/
and so on, on and on, as many
as you want, and all the certs will work without complaining.

Just to clarify, you have to goto http://example.com or
http://www.example.com
and the address will be rewritten to:
https:/www.example.com:56001/

If you goto example.com/index99.html
it will rewrite to:
https://www.example.com:56001/index99.html

So:
example.com
www.example.com
https://www.example.com:56001
Will all work and will all be secure.

But:
https://example.com
https://www.example.comWill
fail, and will even goto the wrong page if the user grants an exception
to the bad cert. Nothings perfect, but if you do it right, that wrong
page will always be an error page explaining what they did wrong or a redirect to the page they actually wanted. (that's what we do)

The pages are always called with http and always provided https.
And did I mention it won't complain about the cert?
Your looking at an
encrypted
page setup this way right now.